Check to See if Your ID Has Been Compromised at New Stolen Password Search Site

From a CBC story

A website that lets people check whether their email addresses, usernames and passwords have been stolen in a cyberattack and posted online has been launched by an Australian who is a former IT security consultant.

This new website, shouldichangemypassword.com, allows concerned internet users to enter an email address and see whether it appears in stolen information posted online by groups such as Lulz Security. If an email is listed in the database of stolen data, the site will list what information among your email, username and password have been compromised, how many times it has been compromised, and the most recent incident. It will also recommend that the user change all his or her passwords.

The person behind the site says he plans to keep updating the site whenever a new password database is made public “in perpetuity.” Will be interesting to see how long it really lasts – and of course, an all clear doesn’t necessarily mean an all clear, but nice to be able to crosscheck if you ID appeared online.

Comments

  1. Nice way to harvest email addresses…

  2. If I was going to devise a scheme to steal email addresses and passwords, this is what it would look like.

  3. this wouldn’t steal passwords (since you are not asked to enter one), but definitely good to harvest emails. The response comes back a little too fast.